Scan Tack

Publisher Information

Scan Tack is a brand of the Sambreel/Yontoo group, a web advertising company located in Carlsbad, CA. The company is a primary distributor of adware type software. It is part of the Yontoo/Sambreel group and distributes web browser add-ons, typically potentially unwanted and adware in nature, that are designed to modify a user's typical search beahvior as well as display context and popup advertising. There is one additional code signing certificate issued to this publisher.
Remove Scan Tack Malware - Powered by Reason Core Security
Authority:
VeriSign, Inc.

Valid from:
1/21/2014 6:00:00 PM

Valid to:
1/22/2015 5:59:59 PM

Subject:
CN=Scan Tack, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Scan Tack, L=San Diego, S=California, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
44d91a3142283ce62b23f23c84838b0d

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Service.Yontoo, PUP.Yontoo, Adware.Yontoo.ScanTack, PUP.Yontoo.ScanTack, PUP.Yontoo.ScanTack (M), PUP.Yontoo.ScanTack.Installer (M), Adware.Yontoo.ScanTack (M)
100.00%

VIPRE Antivirus
Yontoo, Threat.4741131, Trojan.Win32.Generic, Threat.4150696, Adware.Agent
86.00%

AVG
Megabrowse, Generic, MalSign.Slizearch, Hypeet, MalSign.Skodna.glindorus, AdPlugin, BrowseFox.A, Adware BrowseFox.A, Adware BrowseFox.F, MalSign.Generic
84.00%

Emsisoft Anti-Malware
Adware.SwiftBrowse.Y, Gen:Variant.Adware.SwiftBrowse, Adware.BrowseFox.V, Adware.SwiftBrowse.AD, Adware.SwiftBrowse.CH, Adware.NetFilter
82.00%

MicroWorld eScan
Adware.SwiftBrowse.Y, Gen:Variant.Adware.SwiftBrowse.1, Adware.BrowseFox.V, Adware.Agent.OCH, Adware.SwiftBrowse.AD, Adware.SwiftBrowse.CH, Adware.NetFilter.E, Adware.Agent.OET, Adware.SwiftBrowse.P
80.00%

Bitdefender
Adware.SwiftBrowse.Y, Gen:Variant.Adware.SwiftBrowse.1, Adware.BrowseFox.V, Adware.Agent.OCH, Adware.SwiftBrowse.AD, Adware.SwiftBrowse.CH
80.00%

Dr.Web
Trojan.BPlug.281, Trojan.BPlug.307, Trojan.BPlug.218, hacktool program Tool.NetFilter.313, Trojan.BPlug.95, Trojan.BPlug.102
80.00%

G Data
Adware.SwiftBrowse.CF, Adware.BrowseFox, Adware.Agent.OCH, Adware.SwiftBrowse.CH, Adware.NetFilter, Win32.Application.BrowseFox
80.00%

nProtect
Adware.SwiftBrowse.Y, Trojan-Clicker/W32.Agent.196896, Adware.BrowseFox.V, Adware.Agent.OCH, Adware.SwiftBrowse.AD, Adware.SwiftBrowse.CH
78.00%

Baidu Antivirus
Adware.Win32.BrowseFox, Adware.Win64.BrowseFox, Adware.MSIL.BrowseFox, Adware.Win32.LinkSwift, Adware.Win32.Agent
78.00%

41 / 68    (Adware)

22 / 68    (Adware)
scantackbaapp.dll  (e4ec451e8eafdcc54910868ee14fd27e)

15 / 68    (Adware)
scantack.browseradapter.exe  (b83c582290f7fb9b15418f5a827a720b)

16 / 68    (Adware)
scantack_setup.exe  (4fef3b643f652b7719998fd195952306)

41 / 68    (Adware)

18 / 68    (Adware)
scantack.browseradapter.exe  (a7de7d6d8e2ebf64827a09598c7c187a)

7 / 68      (Adware)
{9acd1534-e8f8-40cb-b5ac-4996fe01175b}gt.sys (StdLib)  (06a2805f7b6c56fda7a826f1e1806fba)

30 / 68    (Adware)

41 / 68    (Adware)

1 / 68      (Adware)
9acd1534e8f840cbb5ac64.dll  (37a495dd95d26580f6e26061ce4791cd)

1 / 68      (Adware)
9acd1534e8f840cbb5ac.dll  (c10f79f6d911415304b2b84cff6a4144)

1 / 68      (Adware)
ScanTackBrowserFilter.exe  (2e686bade54b6df056dd06af83caebdf)

1 / 68      (Adware)
scantack.browserfilter.helper.dll  (9baf1ea6ecf5c2dba5b6dde610ca0662)

24 / 68    (Adware)
scantack.purbrowse64.exe  (8447cf39bdfa66b20383caa7156078c1)

31 / 68    (Adware)
{9acd1534-e8f8-40cb-b5ac-4996fe01175b}w64.sys (StdLib)  (9933bc5c6d96b821db2542f26e68d4c4)

1 / 68      (Adware)
utilscantack.exe  (4b40b595f611ad04df0125fa69c88f3a)

20 / 68    (Adware)
scantack_setup.exe  (d95d99fe3be16ceda391bd3d88d61726)

2 / 68      (Adware)
wstlib64.sys (StdLib)  (2fe8327ef598569843f69f225570ec9d)

26 / 68    (Adware)
{9af01943-a5fc-49e4-b5b9-304e8b296bb1}w64.sys (StdLib)  (067a6cfdfbbf39cd4fd9792d5810826f)

35 / 68    (Adware)

15 / 68    (Adware)
updatescantack.exe.infected  (0856b71ee0537ceed4fa1f89aa0a58b6)

25 / 68    (Adware)
scantackbrowserfilter.exe.infected  (f61af3c13a5f4e20aa76a200ec227f55)

27 / 68    (Adware)

27 / 68    (Adware)
scantack.brostats.dll.infected  (a20d039767cbae3d3a9573b707497f11)

27 / 68    (Adware)
scantack.bromon.dll.infected  (e2f3b057a555acd464a103956aeda3b5)

28 / 68    (Adware)
9acd1534e8f840cbb5ac.dll.infected  (441d40cd4916fcaeaaedfec2d0d85830)

25 / 68    (Adware)
maintainer.bak  (c8c39e37eb58b850b9c3c7c3925254de)

37 / 68    (Adware)
scantackbho.dll (ScanTack)  (3bf760154e04ab449a1b7645ff1347f7)

13 / 68    (Adware)
updatescantack.exe  (de8b46589cc595aee43ec0a8c07b952f)

25 / 68    (Adware)
filterapp_c64.exe  (4eddf4cbd784644ee45e87d12e59447a)

 
Latest 30 of 508 files

The following certificate is also signed by Scan Tack.

3189867C5406A0187436F786B38369D7  (Jan 05, 2015 to Mar 06, 2016)

The following publishers (by Authenticode signature organization name) are related.

30 of 141 publishers

Remove Scan Tack Malware - Powered by Reason Core Security
* Note, the details and description above are based on the code signing digital signature issued to Scan Tack by VeriSign, Inc. on January 21, 2014 with the serial number '44d91a3142283ce62b23f23c84838b0d'.